https://fedorahosted.org/freeipa/ticket/563
https://fedorahosted.org/freeipa/ticket/588
Jan
From 5d23b3fad0dd8bc9633e5a69d069d9346f52 Mon Sep 17 00:00:00 2001
From: Jan Zeleny jzel...@redhat.com
Date: Thu, 17 Feb 2011 03:55:14 -0500
Subject: [PATCH] Document the --rights output format
On Wed, Feb 16, 2011 at 05:26:55PM +0100, Jan Zeleny wrote:
Adam Tkac at...@redhat.com wrote:
On Wed, Feb 16, 2011 at 10:53:14AM +0100, Jan Zelený wrote:
This patch ensures that PTR records added by FreeIPA are compliant with
RFC.
Nack.
In my opinion the _ptrrecord_pre_callback
Jakub Hrozek jhro...@redhat.com wrote:
While reviewing Rob's latest patch I found out that we didn't convert to
unicode on couple of places in the host plugin.
ack
Jan
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
JR Aquino jr.aqu...@citrix.com wrote:
This patch addresses the need to utilize TLS when using the
ipa-client-install tool. It addresses ticket:
https://fedorahosted.org/freeipa/ticket/974
Nack, running ipa-client-install returned this error:
# ipa-client-install
Retrieving CA from None
Jan Zelený jzel...@redhat.com wrote:
Jakub Hrozek jhro...@redhat.com wrote:
While reviewing Rob's latest patch I found out that we didn't convert to
unicode on couple of places in the host plugin.
ack
On a second thoughts - maybe the _get_unicode_reverse_zone isn't necessary at
all - is
On Thu, Feb 17, 2011 at 11:06:35AM +0100, Jan Zelený wrote:
Jan Zelený jzel...@redhat.com wrote:
Jakub Hrozek jhro...@redhat.com wrote:
While reviewing Rob's latest patch I found out that we didn't convert to
unicode on couple of places in the host plugin.
ack
On a second thoughts
On Wed, 2011-02-16 at 10:46 -0500, Adam Young wrote:
Almost there.
I'd like to pull the sudo namespace out of ipa.js and put it into
sudorule.js, then indicate that the other sudo files depend on sudo
rule.
I guess I should have been clearer: stuff like facets and widgets
don't
Jakub Hrozek jhro...@redhat.com wrote:
On Thu, Feb 17, 2011 at 11:06:35AM +0100, Jan Zelený wrote:
Jan Zelený jzel...@redhat.com wrote:
Jakub Hrozek jhro...@redhat.com wrote:
While reviewing Rob's latest patch I found out that we didn't convert
to unicode on couple of places in the
On Thu, Feb 17, 2011 at 11:30:03AM +0100, Jan Zelený wrote:
Better, thanks. I'd also like to change the code which is using this function,
so the conversion doesn't take place twice.
I think it's safe. The documentation on unicode() says:
---
More precisely, if object is a Unicode string or
https://fedorahosted.org/freeipa/ticket/735
Jan
From 52fa78ffe70d581125f54ca9138e8afba06aacc8 Mon Sep 17 00:00:00 2001
From: Jan Zeleny jzel...@redhat.com
Date: Thu, 17 Feb 2011 07:25:57 -0500
Subject: [PATCH] Fixed user-add help
https://fedorahosted.org/freeipa/ticket/735
---
Sending updated patch
Jan
- Original Message -
From: Jan Zelený jzel...@redhat.com
To: freeipa-devel@redhat.com
Sent: Thursday, February 17, 2011 1:29:28 PM
Subject: [Freeipa-devel] [PATCH] 49 Fixed user-add help
https://fedorahosted.org/freeipa/ticket/735
JanFrom
Jan Zelený wrote:
https://fedorahosted.org/freeipa/ticket/563
https://fedorahosted.org/freeipa/ticket/588
Jan
This is a good start, I think we need to include some guidance on why
this exists and why it exists where it does.
It exists so a user interface can know in advance what the
On Thu, 2011-02-17 at 08:55 -0500, Jan Zeleny wrote:
Sending updated patch
Jan
- Original Message -
From: Jan Zelený jzel...@redhat.com
To: freeipa-devel@redhat.com
Sent: Thursday, February 17, 2011 1:29:28 PM
Subject: [Freeipa-devel] [PATCH] 49 Fixed user-add help
Lets try now. Attached is the corrected patch.
There were several spots in ipa-client-install where the server could be
defined and it was getting missed.
I have omitted any change to ipa-client-install and instead just focused
on ipadiscovery.py
ipadiscovery.py now performs its own fetch of the
Martin Kosek wrote:
On Thu, 2011-02-17 at 08:55 -0500, Jan Zeleny wrote:
Sending updated patch
Jan
- Original Message -
From: Jan Zelenýjzel...@redhat.com
To: freeipa-devel@redhat.com
Sent: Thursday, February 17, 2011 1:29:28 PM
Subject: [Freeipa-devel] [PATCH] 49 Fixed user-add help
Rob Crittenden rcrit...@redhat.com wrote:
Jan Zelený wrote:
https://fedorahosted.org/freeipa/ticket/563
https://fedorahosted.org/freeipa/ticket/588
Jan
This is a good start, I think we need to include some guidance on why
this exists and why it exists where it does.
It exists so a
If DNS Updates are available then try to register the ip address as
determined by connecting to the ipa server.
This allows also the creation of the DNS A record if none was available
before, which means you can add clients without having to pre-register
them in the DNS.
Fixes #935
Simo.
--
On Thu, 17 Feb 2011 11:34:30 -0500
Simo Sorce sso...@redhat.com wrote:
If DNS Updates are available then try to register the ip address as
determined by connecting to the ipa server.
This allows also the creation of the DNS A record if none was
available before, which means you can add
On 02/17/2011 11:13 AM, Kyle Baker wrote:
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
If we are going to make this change, please remove (git rm) the icons
that are no longer used as
Several of the subtab text items are no longer visible: user, host,
netgroups on the Identity tab, self service permissions on the Server TAb.
On 02/16/2011 10:33 AM, Kyle Baker wrote:
Ayoung, check it out.
___
Freeipa-devel mailing list
nsaccountlock doesn't have a visible Param but we want do so some basic
validation to be sure garbage doesn't get in there so do it in the
pre_callback of add and mod.
ticket 968
rob
freeipa-rcrit-729-nsaccountlock.patch
Description: application/mbox
On 02/17/2011 11:56 AM, Martin Kosek wrote:
Support of navigator.preferences that is used to access browser
configuration was dropped in Firefox 4. This disables automatic
configuration of user preferences in this browser that is needed
to use Kerberos single sign-on.
This patch detectes a lack
On 02/17/2011 05:21 AM, Martin Kosek wrote:
On Wed, 2011-02-16 at 10:46 -0500, Adam Young wrote:
Almost there.
I'd like to pull the sudo namespace out of ipa.js and put it into
sudorule.js, then indicate that the other sudo files depend on sudo
rule.
I guess I should have been clearer:
JR Aquino jr.aqu...@citrix.com wrote:
Lets try now. Attached is the corrected patch.
There were several spots in ipa-client-install where the server could be
defined and it was getting missed.
I have omitted any change to ipa-client-install and instead just focused
on ipadiscovery.py
On 2/17/11 3:23 AM, Jan Zelený jzel...@redhat.com wrote:
JR Aquino jr.aqu...@citrix.com wrote:
This patch fixes the netgroup plugin's behavior of adding duplicate
entries
when the managed entry plugin creates a netgroup with a mepManagedEntry
This problem is documented in ticket:
JR Aquino jr.aqu...@citrix.com wrote:
On 2/17/11 3:23 AM, Jan Zelený jzel...@redhat.com wrote:
JR Aquino jr.aqu...@citrix.com wrote:
This patch fixes the netgroup plugin's behavior of adding duplicate
entries
when the managed entry plugin creates a netgroup with a mepManagedEntry
This
Make managed netgroups (those created as a result of creating a
hostgroup) should be immutable. This aci will deny writes to a managed
netgroup.
ticket 962
rob
From 3032abc7900b619a8dde5219d8b0c53cf667e865 Mon Sep 17 00:00:00 2001
From: Rob Crittenden rcrit...@redhat.com
Date: Thu, 17 Feb
On Wed, Feb 09, 2011 at 10:23:27AM +0100, Jan Zelený wrote:
Jakub Hrozek jhro...@redhat.com wrote:
On Thu, Feb 03, 2011 at 02:23:11PM +0100, Jan Zelený wrote:
Jakub Hrozek jhro...@redhat.com wrote:
Hi,
attached is a patch to nsslib.py that changes its semantics so
it is able
On Thu, Feb 17, 2011 at 08:25:37PM +0100, Jakub Hrozek wrote:
On Wed, Feb 09, 2011 at 10:23:27AM +0100, Jan Zelený wrote:
Jakub Hrozek jhro...@redhat.com wrote:
On Thu, Feb 03, 2011 at 02:23:11PM +0100, Jan Zelený wrote:
Jakub Hrozek jhro...@redhat.com wrote:
Hi,
attached
On 02/17/2011 12:09 PM, Adam Young wrote:
Several of the subtab text items are no longer visible: user, host,
netgroups on the Identity tab, self service permissions on the Server TAb.
On 02/16/2011 10:33 AM, Kyle Baker wrote:
Ayoung, check it out.
On 02/17/2011 12:03 PM, Adam Young wrote:
On 02/17/2011 11:13 AM, Kyle Baker wrote:
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
If we are going to make this change, please remove
ACK and pushed to master
Original Message
Subject:0013-Under-shadow-on-h1-and-removed-images.patch
Date: Thu, 17 Feb 2011 13:39:39 -0500 (EST)
From: Kyle Baker kyba...@redhat.com
To: Adam Young ayo...@redhat.com
From 882750cf20aee245a94d689fcf0f28a464e975e6
To test, try running ipa cert-remove-hold 11 with a selfsigned install
From f06c082f00d2b6506a796cc6a4317a77ba16f2f4 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek jhro...@redhat.com
Date: Thu, 17 Feb 2011 20:35:50 +0100
Subject: [PATCH] Raise NotImplementedError for selfsigned cert-remove-hold
---
On 2011-02-16 16:25, Pavel Zůna wrote:
Some translatable strings were in a wrong format a there were some more
related issues. This patch tries to fix all of them.
Needed for xgettext/pygettext processing.
Pavel
Rebased version attached.
Pavel
freeipa-pzuna-81-2-fixlocstrings.patch
On 2011-02-17 05:09, Rob Crittenden wrote:
Pavel Zůna wrote:
My efforts in fixing localization all around the framework and preparing
it for localizing docstrings have resulted in a lot of patches. Because
I understand they have become a bit hard to track, I decided to post
them all together in
Removed an image that is no longer used.
Pushed under the one line rule.
diff --git a/install/ui/Makefile.am b/install/ui/Makefile.am
index 327225e..e6ffed1 100644
--- a/install/ui/Makefile.am
+++ b/install/ui/Makefile.am
@@ -52,7 +52,6 @@ app_DATA = \
Configure SSSD to look in DNS for the IPA servers first, then fall back
to the server we configured against.
ticket 980
rob
From 3b47206b22417dad843bac1934b7cfd4b1ba15e4 Mon Sep 17 00:00:00 2001
From: Rob Crittenden rcrit...@redhat.com
Date: Thu, 17 Feb 2011 15:19:24 -0500
Subject: [PATCH]
On 2/17/11 11:02 AM, Rob Crittenden rcrit...@redhat.com wrote:
Make managed netgroups (those created as a result of creating a
hostgroup) should be immutable. This aci will deny writes to a managed
netgroup.
ticket 962
rob
___
Freeipa-devel mailing
On Thu, 17 Feb 2011 11:53:52 -0500
Simo Sorce sso...@redhat.com wrote:
On Thu, 17 Feb 2011 11:34:30 -0500
Simo Sorce sso...@redhat.com wrote:
If DNS Updates are available then try to register the ip address as
determined by connecting to the ipa server.
This allows also the
On Thu, Feb 17, 2011 at 03:23:18PM -0500, Rob Crittenden wrote:
Configure SSSD to look in DNS for the IPA servers first, then fall
back to the server we configured against.
ticket 980
rob
Works fine (tested both service discovery and failover), ack
Jan Zelený wrote:
Rob Crittendenrcrit...@redhat.com wrote:
Jan Zelený wrote:
https://fedorahosted.org/freeipa/ticket/563
https://fedorahosted.org/freeipa/ticket/588
Jan
This is a good start, I think we need to include some guidance on why
this exists and why it exists where it does.
It
Adam Tkac wrote:
On Wed, Feb 16, 2011 at 05:26:55PM +0100, Jan Zeleny wrote:
Adam Tkacat...@redhat.com wrote:
On Wed, Feb 16, 2011 at 10:53:14AM +0100, Jan Zelený wrote:
This patch ensures that PTR records added by FreeIPA are compliant with
RFC.
Nack.
In my opinion the
Pavel Zůna wrote:
On 2011-02-17 05:09, Rob Crittenden wrote:
Pavel Zůna wrote:
My efforts in fixing localization all around the framework and preparing
it for localizing docstrings have resulted in a lot of patches. Because
I understand they have become a bit hard to track, I decided to post
Jakub Hrozek wrote:
On Thu, Feb 17, 2011 at 12:01:05PM -0500, Rob Crittenden wrote:
nsaccountlock doesn't have a visible Param but we want do so some
basic validation to be sure garbage doesn't get in there so do it in
the pre_callback of add and mod.
ticket 968
rob
Ack
pushed to master
JR Aquino wrote:
On 2/17/11 11:02 AM, Rob Crittendenrcrit...@redhat.com wrote:
Make managed netgroups (those created as a result of creating a
hostgroup) should be immutable. This aci will deny writes to a managed
netgroup.
ticket 962
rob
___
Jakub Hrozek wrote:
On Thu, Feb 17, 2011 at 03:23:18PM -0500, Rob Crittenden wrote:
Configure SSSD to look in DNS for the IPA servers first, then fall
back to the server we configured against.
ticket 980
rob
Works fine (tested both service discovery and failover), ack
pushed to master
Jakub Hrozek wrote:
To test, try running ipa cert-remove-hold 11 with a selfsigned install
ack, pushed to master
___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel
Simo Sorce wrote:
On Thu, 17 Feb 2011 11:53:52 -0500
Simo Sorcesso...@redhat.com wrote:
On Thu, 17 Feb 2011 11:34:30 -0500
Simo Sorcesso...@redhat.com wrote:
If DNS Updates are available then try to register the ip address as
determined by connecting to the ipa server.
This allows also
On 2/17/11 9:46 AM, Jan Zeleny jzel...@redhat.com wrote:
JR Aquino jr.aqu...@citrix.com wrote:
Lets try now. Attached is the corrected patch.
There were several spots in ipa-client-install where the server could be
defined and it was getting missed.
I have omitted any change to
On Thu, 17 Feb 2011 18:12:56 -0500
Rob Crittenden rcrit...@redhat.com wrote:
Simo Sorce wrote:
On Thu, 17 Feb 2011 11:53:52 -0500
Simo Sorcesso...@redhat.com wrote:
On Thu, 17 Feb 2011 11:34:30 -0500
Simo Sorcesso...@redhat.com wrote:
If DNS Updates are available then try to
From 402ab3d26b67066a5230527130740a8a329064e7 Mon Sep 17 00:00:00 2001
From: Nathan Kinder nkin...@redhat.com
Date: Thu, 17 Feb 2011 16:37:39 -0800
Subject: [PATCH] Reset target DN when generated UUID is used as RDN
When the UUID plug-in generates a value that is used in the RDN
of the entry
Right before rc1 I discovered a problem in ipa-replica-prepare. It was
crashign when trying to generate the SSL certificates. The first time it
failed on nss_shutdown() claiming that NSS wasn't initialized. The
second time because some object was still in use.
I tracked this down to a change
I tried to follow the steps to setup Sudo on a client here:
https://fedoraproject.org/wiki/QA:Testcase_freeipav2_sudo
Of course, since my serve wasn't example.com, I had to modify the LDAP
fitlers. I got something wrong.
What would I use to script this in keeping with the ipa server
On Feb 17, 2011, at 8:38 PM, Adam Young ayo...@redhat.com wrote:
I tried to follow the steps to setup Sudo on a client here:
https://fedoraproject.org/wiki/QA:Testcase_freeipav2_sudo
Of course, since my serve wasn't example.com, I had to modify the LDAP
fitlers. I got something wrong.
Jan Zelený wrote:
David O'Brien dav...@redhat.com wrote:
Jan Zelený wrote:
https://fedorahosted.org/freeipa/ticket/784
https://fedorahosted.org/freeipa/ticket/786
https://fedorahosted.org/freeipa/ticket/787
Jan
nack
A few typos and style issues:
- _(File were to store the keytab
Jan Zelený wrote:
Rob Crittenden rcrit...@redhat.com wrote:
Jan Zelený wrote:
https://fedorahosted.org/freeipa/ticket/831
Jan
I think I'd like David's take on this, but my initial reaction is I'd
prefer the word maximum to maximal.
rob
The second patch is in attachment. Based on David's
56 matches
Mail list logo